dovecot - Dec 2004 - "correct" permissions for login dir

I'm in process of moving away from Cyrus to Dovecot. I have my own
authentication daemon working fine. It sets up two sockets:

drwxr-x---  2 root  dovecot   512 Dec  7 21:07 /var/state/dovecot/login
srw-rw-rw-  1 krot  krot        0 Dec  7 21:07 /var/state/dovecot/login/sock
drwx------  2 krot  wheel     512 Dec  7 21:07 /var/state/dovecot/master
srw-rw-rw-  1 krot  wheel       0 Dec  7 21:07 /var/state/dovecot/master/sock

When I fire up Dovecot, it warns me of "incorrect" permissons for
login
dir (/var/state/dovecot/login) and "fixes" the problem. I want
/var/state/dovecot/login to be owned by user krot (which the main
daemon is running as), not by root.

I suggest that login directory is not touched if external authentication
is used. Socket are not wiped out, why should permissions be fixed? (see
in master/master-settings.c around line 560).

I'm afraid that some day I will forget to make this tiny change to
Dovecot and end up with a mail system which does not work at all,
because the master daemon won't be able to create dovecot/login socket.

1.0-test "works pretty well". Does it mean well enough to replace
Cyrus
(which indeed works pretty well)? I have maildir-based folders. Most
users have no idea what IMAP is (my sister uses IMAP because I set it
up, others just say that they don't need IMAP...) and they just download
everything using POP3. Sometimes they use SquirrelMail. Default usage
pattern. Are the risks high? Currently I have test56 on my test
installation (which is almost ready to take over).

Timo, Dovecot has been a pleasure to work with so far!

-- 
They make a desert and call it peace.
                -- Tacitus

On 7.12.2004, at 23:03, Kirill Miazine wrote:
> I suggest that login directory is not touched if external 
> authentication
> is used. Socket are not wiped out, why should permissions be fixed? 
> (see
> in master/master-settings.c around line 560).
Changed. I just hadn't thought about that.
> 1.0-test "works pretty well". Does it mean well enough to replace
Cyrus
> (which indeed works pretty well)? I have maildir-based folders. Most
> users have no idea what IMAP is (my sister uses IMAP because I set it
> up, others just say that they don't need IMAP...) and they just 
> download
> everything using POP3. Sometimes they use SquirrelMail. Default usage
> pattern. Are the risks high? Currently I have test56 on my test
> installation (which is almost ready to take over).
I have been using 1.0-tests for a long time at home and at work, 
although I haven't been often upgrading at work when I've found that 
one version works. I think if you don't see problems within first few 
days it'll work just fine.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20041209/6db731a6/attachment-0001.bin>